cleantalk
Vulnerabilities and Security Researches

xili-language, CVE-2025-58654

CVE, Research URL

CVE-2025-58654

Home page URL

Security reports for xili-language

Application

xili-language

Published on
Sep 23, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michel - xiligroup dev xili-language xili-language allows DOM-Based XSS.This issue affects xili-language: from n/a through <= 2.21.3.
Affected versions
max 2.21.3.
Status
vulnerable
Previous vulnerability researches
HT Mega – Absolute Addons for WPBakery Page Builder (CVE-2025-53463) , Apr 24, 2026
HT Mega – Absolute Addons for WPBakery Page Builder (CVE-2025-53206) , Jul 02, 2025
New vulnerability
WooCommerce Cart Abandonment Recovery (CVE-2026-39470) , Apr 25, 2026
a3 Lazy Load (CVE-2025-9873) , Apr 25, 2026
Brizy &#8211; Page Builder (CVE-2025-0969) , Apr 25, 2026
GHL Wizard (CVE-2025-5483) , Apr 25, 2026
BetterDocs – Best Documentation, FAQ &amp; Knowledge Base Plugin with AI Support (CVE-2026-6393) , Apr 25, 2026